Ibm Rational Quality Manager vulnerabilities

201 known vulnerabilities affecting ibm/rational_quality_manager.

Total CVEs

201

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH7MEDIUM182LOW12

Vulnerabilities

Page 5 of 11

CVE-2018-1439MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1439 [MEDIUM] CWE-79 CVE-2018-1439: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139589.

cvelistv5nvd

CVE-2018-1440MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1440 [MEDIUM] CWE-79 CVE-2018-1440: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139595.

cvelistv5nvd

CVE-2018-1692MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1692 [MEDIUM] CWE-79 CVE-2018-1692: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145583.

cvelistv5nvd

CVE-2017-1649MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2017-1649 [MEDIUM] CWE-79 CVE-2017-1649: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133259.

cvelistv5nvd

CVE-2018-1395MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1395 [MEDIUM] CWE-79 CVE-2018-1395: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138427.

cvelistv5nvd

CVE-2018-1557MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1557 [MEDIUM] CWE-79 CVE-2018-1557: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142955.

cvelistv5nvd

CVE-2018-1405MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1405 [MEDIUM] CWE-79 CVE-2018-1405: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138441.

cvelistv5nvd

CVE-2018-1691MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.6+10 more2018-10-02

CVE-2018-1691 [MEDIUM] CWE-79 CVE-2018-1691: IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-si IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145582.

cvelistv5nvd

CVE-2018-1558MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.62018-10-02

CVE-2018-1558 [MEDIUM] CWE-79 CVE-2018-1558: IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerabl IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956.

nvd

CVE-2018-1394MEDIUMCVSS 5.4≥ 5.0.0, ≤ 5.0.2≥ 6.0.0, ≤ 6.0.5+9 more2018-08-20

CVE-2018-1394 [MEDIUM] CWE-79 CVE-2018-1394: Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows use Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425.

cvelistv5nvd

CVE-2017-1753MEDIUMCVSS 5.4≥ 5.0.0, ≤ 5.0.2≥ 6.0.0, ≤ 6.0.5+9 more2018-08-20

CVE-2017-1753 [MEDIUM] CWE-94 CVE-2017-1753: Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject mali Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

cvelistv5nvd

CVE-2018-1396MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2018-1396 [MEDIUM] CWE-79 CVE-2018-1396: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138429.

cvelistv5nvd

CVE-2017-1793MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2017-1793 [MEDIUM] CWE-79 CVE-2017-1793: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137038.

cvelistv5nvd

CVE-2017-1792MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2017-1792 [MEDIUM] CWE-79 CVE-2017-1792: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137037.

cvelistv5nvd

CVE-2018-1549MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2018-1549 [MEDIUM] CWE-74 CVE-2018-1549: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poison

cvelistv5nvd

CVE-2018-1523MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2018-1523 [MEDIUM] CWE-79 CVE-2018-1523: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141804.

cvelistv5nvd

CVE-2018-1423MEDIUMCVSS 6.5≥ 5.0, ≤ 5.0.2≥ 6.0.0, ≤ 6.0.5+9 more2018-07-10

CVE-2018-1423 [MEDIUM] CWE-200 CVE-2018-1423: IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026.

cvelistv5nvd

CVE-2017-1729MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2017-1729 [MEDIUM] CWE-79 CVE-2017-1729: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134909.

cvelistv5nvd

CVE-2017-1791MEDIUMCVSS 5.4≥ 5.0, ≤ 5.0.2≥ 6.0, ≤ 6.0.5+9 more2018-07-10

CVE-2017-1791 [MEDIUM] CWE-79 CVE-2017-1791: IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site sc IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137036.

cvelistv5nvd

CVE-2018-1492MEDIUMCVSS 6.8≥ 5.0, ≤ 5.0.2≥ 6.0.0, ≤ 6.0.5+9 more2018-07-10

CVE-2018-1492 [MEDIUM] CWE-384 CVE-2018-1492: IBM Jazz Foundation products could allow a user with physical access to the system to log in as anot IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.

cvelistv5nvd

← Previous5 / 11Next →